Dealing with nuisance calls and spam

It's really important to us that we take all forms of nuisance, malicious, spam or phishing attempts seriously.

If you've had a text message asking you to enter sensitive info like your card details, it's probably spam. The best thing to do is to delete it right away.

We've got some more useful info on how to block any nuisance calls on our blog.

Smishing

Text spam (known as SMS Phishing or Smishing for short) is something scammers use to trick you into going to a website or to call a specified number. If you respond, they’ll ask you to provide confidential details, attempt to infect your device with malware, or get you to respond to a premium rate service.

These messages can be really convincing and they might look like they’re from organisations you’ve used before.

What Smishing might look like

Scammers can make Smishing look like genuine messages, but keep an eye out for some of these clues:

Smishing might make you think:

• You’re going to be locked out of your account, or that your account has been compromised
• You've won something or can get something for free or at a bargain price if you reply quickly.

Remember: you have to reply to one of these messages to put your device at risk, so they’ll always ask you to take an action.

They might want you to:

• Click on a link (which might install malware on your device)
• Enter confidential info like a password or date of birth
• Phone a number so they can ask you for sensitive info or get you to call a premium rate number.

Think you’ve been sent one of these messages?

Don't worry – just remember:

• Don't click on links unless you're 100% sure they're genuine.
• Think about whether the sender would contact you in this way – most companies won't ask you to confirm bank details over text message.
• Remember that if it looks too good to be true, it probably is.
• Don't respond to any suspicious messages
• Forward the message to 7726 for free so your mobile phone provider can investigate and act.

If you're still not sure, get in touch with the organisation that seems to have sent you the message to see if it's from them. Just make sure you don't use any of the contact details from the text – go to their website to find more info.

Need more information about staying safe online? Check out our Privacy and Security hub.

Spam messages

Spam messages are usually marketing messages that are sent to you without you requesting them. They can be really annoying or intrusive but can sometimes be stopped easily and are usually harmless if ignored. The people who send these messages might want to access your personal information, sell you a premium rate service or get you to contact them so that they can refer you to another company that wants to sell you something.

We want to protect you from spam. If you think you’re getting spam messages sent to you, check out these steps:

• Is it definitely spam? Legitimate marketing messages usually come from a shortcode or company that you recognise because you’ve told them you don’t mind getting messages, or because you’ve used their services. Find out more about shortcodes.

Report the spam message to us by:

• Forwarding the unwanted message free of charge to 7726
• Forwarding the number of the person who sent you the message free of charge to 7726

Check the type of message:

• If the message came from a shortcode, or it asks if you want to stop receiving these messages, reply Stop All to stop them.
• If you've received the message from a mobile phone number or any other untrustworthy source, don’t reply.
• If the message is about accident insurance claims, don’t respond at all and report the message to us straight away.

We may not be able to completely stop all unwanted messages on our network, but we'll always do our best to protect you from spam.

If you're worried about the spam messages you've received, you can report to the Information Commissioner's Office (ICO) for more help. In your report, include:

• The time and date you received the message
• The content of the message.

The ICO might not be able to follow up individual complaints if you haven't got any details about the company that’s claiming to be contacting you.

Spam calls

Sometimes you might get calls on your phone that play automated messages when you answer. These calls might try to sell you things like personal injury legal services, or PPI. These are spam calls, and they can be unsolicited, annoying and sometimes illegal.

If you get one of these calls, hang up straight away. Don’t make any number selections during the call, even if it says that doing so will stop future calls.

You can report the call by texting the word call and the number that called you to 7726.

We’re working with other operators, industry bodies and the government to try to stop people getting these calls.

Spoofing – Nuisance callers changing their Caller ID

A bit about Spoofing.

Most phones let you see the number of the person calling before you answer, but there've been more and more instances when callers and criminals deliberately change their caller ID. This is what we call spoofing.

Sometimes there's a good reason for a caller to modify the Caller ID, like leaving an 0800 number for the customer to call back, but spoofing callers do this to hide their identity or make you think it's a legitimate call.

For example, identity thieves looking to steal sensitive information such as your bank account or login details might use spoofing to make it look like your bank or credit card company is calling.

Ofcom is working with the international regulators and the telecoms industry to put a stop to spoofing, so don't worry – we're fighting it!

What you can do.

Identity thieves and other fraudsters often pose as representatives of banks, credit card companies, creditors, or government departments to get people to reveal their account numbers and other sensitive information.

Never give out personal information on an incoming call, and don't rely on caller ID to identify a caller, especially if they claim to be from someone like your bank.

Hang up the call and call the company back using their official details – maybe check your account statement or the company's website – to find out if the call was genuine. Try to wait at least 5 minutes before you do this to make sure the line clears and you're not contacting fraudsters.

If you're worried, you can report it to the police by calling 101 or 999 if the crime is in progress. Calls to 999 are free, but calls to 101 are charged at 15p per call. Both services are available 24 hours a day 7 days a week.

If you think you've been a victim of call spoofing

1. Contact Action Fraud

   You can call Action Fraud on 0300 123 2040 (standard call rates apply) Monday to Friday between the hours of 8am to 8pm or visit www.actionfraud.police.uk. Action Fraud is the UK's national reporting centre for fraud and internet crime. Remember, if debit cards, online banking or cheques are involved in the scam your first step should be to contact your bank or credit card company.

2. Tell Trading Standards

   If you think something may be a scam, you can call 03454 04 05 06 (standard call rates apply) Monday to Friday between the hours of 9am to 5pm and tell the Citizens Advice Consumer Service, who can pass details of the case on to Trading Standards.

   The Trading Standards service is responsible for protecting consumers and the community against rogue traders and traders acting unfairly.

3. The Telephone Preference Services (TPS)

   Register your mobile number with The Telephone Preference Service (TPS), it's a free service and is the official central opt out register where you can choose not to receive unsolicited sales or marketing calls from all companies you have given consent to - https://www.tpsonline.org.uk/tps/number_type.html